headers
Brookins, Neil (Philadelphia | 5 Mar 2012 21:57
Favicon

PCA w/ LU 'n boot_archive

I recently patched several servers following the general steps shown here:
 
After experiencing a problem on one out of six servers, I found this page:
which states that manual update of boot archive is needed. (See issue #2 in the blog)
 
So, modifying the steps shown in the first web page above, with the new revelations from the second page,
I derive these possible steps:
 
# pca -i -R /.alt.patching
 
# rm -f /.alt.patching/platform/`uname -m`/boot_archive
# /.alt.patching/usr/sbin/bootadm -R /.alt.patching  update-archive
 
# luumount patching
 
Can anyone confirm that I’m on the right track here? I’m using ZFS root and non-global zones. I need to use LU to reduce end-user downtime.
 
BTW, the problem that I experienced after rebooting to the patched server, was that it printed many errors, and then it did panic and rebooted.
It seems to stay up now, but I don’t trust it as much since the panic. I’m guessing that the file /kernel/drv/ipsecah.conf was not valid due to the boot archive not getting updated as a part of the patching process.
 
The error shown below repeated, each time with a different character inside the ‘’ marks.
 
… genunix: [ID 107833 kern.warning] WARNING: Unexpected token '^H' on line 1 of /kernel/drv/ipsecah.conf
… genunix: [ID 107833 kern.warning] WARNING: Unexpected token '' on line 2 of /kernel/drv/ipsecah.conf
… last message repeated 1724 times
… savecore: [ID 570001 auth.error] reboot after panic: BAD TRAP: type=31 rp=2a10146eba0 addr=58 mmu_fsr=0 occurr
ed in module "ip" due to a NULL pointer dereference
 
Neil G. Brookins
Identity and Authentication Solutions - IT Global Solutions
Towers Watson
1500 Market Street | Philadelphia, PA 19102
Phone: +1 215 246 6046
 
 
 

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc.

Permalink | Reply |
headers
Fred | 5 Mar 2012 22:17
Picon

Re: PCA w/ LU 'n boot_archive

I've never been through this procedure, and I've done a lot of patching using ZFS root on x86 with pca and live upgrade. (Thanks for the article though, I've got it nicely tucked away in case this ever happens to me).

Your method seems sound, but I'm wondering if removing the boot-archive with rm is necessary. Doing a bootadm update-archive with the appropriate -R alternate root argument should suffice. Completely removing the boot-archive makes me nervous.

Fred

On Mon, Mar 5, 2012 at 3:57 PM, Brookins, Neil (Philadelphia) <neil.brookins <at> towerswatson.com> wrote:
I recently patched several servers following the general steps shown here:
 
After experiencing a problem on one out of six servers, I found this page:
which states that manual update of boot archive is needed. (See issue #2 in the blog)
 
So, modifying the steps shown in the first web page above, with the new revelations from the second page,
I derive these possible steps:
 
# pca -i -R /.alt.patching
 
# rm -f /.alt.patching/platform/`uname -m`/boot_archive
# /.alt.patching/usr/sbin/bootadm -R /.alt.patching  update-archive
 
# luumount patching
 
Can anyone confirm that I’m on the right track here? I’m using ZFS root and non-global zones. I need to use LU to reduce end-user downtime.
 
BTW, the problem that I experienced after rebooting to the patched server, was that it printed many errors, and then it did panic and rebooted.
It seems to stay up now, but I don’t trust it as much since the panic. I’m guessing that the file /kernel/drv/ipsecah.conf was not valid due to the boot archive not getting updated as a part of the patching process.
 
The error shown below repeated, each time with a different character inside the ‘’ marks.
 
… genunix: [ID 107833 kern.warning] WARNING: Unexpected token '^H' on line 1 of /kernel/drv/ipsecah.conf
… genunix: [ID 107833 kern.warning] WARNING: Unexpected token '' on line 2 of /kernel/drv/ipsecah.conf
… last message repeated 1724 times
… savecore: [ID 570001 auth.error] reboot after panic: BAD TRAP: type=31 rp=2a10146eba0 addr=58 mmu_fsr=0 occurr
ed in module "ip" due to a NULL pointer dereference
 
Neil G. Brookins
Identity and Authentication Solutions - IT Global Solutions
Towers Watson
1500 Market Street | Philadelphia, PA 19102
 
 
 

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc.




--
Fred Chagnon
fchagnon <at> gmail.com
Permalink | Reply |
headers
Brookins, Neil (Philadelphia | 6 Mar 2012 15:34
Favicon

Re: PCA w/ LU 'n boot_archive

There are several sources that recommend removing the boot archive before re-creating it. See below.

But, I agree that it shouldn’t be necessary. It doesn’t seem to hurt in any way.

 

http://www.seedsofgenius.net/solaris/solaris-tips-repairing-the-boot-archive

 

http://sun.drydog.com/faq/7.html  See #7.17 from Pradhap Devarajan

 

Neil G. Brookins
Identity and Authentication Solutions - IT Global Solutions

Towers Watson

1500 Market Street | Philadelphia, PA 19102

Phone: +1 215 246 6046

neil.brookins <at> towerswatson.com

 

From: pca-bounces <at> lists.univie.ac.at [mailto:pca-bounces <at> lists.univie.ac.at] On Behalf Of Fred
Sent: Monday, March 05, 2012 4:18 PM
To: PCA (Patch Check Advanced) Discussion
Subject: Re: [pca] PCA w/ LU 'n boot_archive

 

I've never been through this procedure, and I've done a lot of patching using ZFS root on x86 with pca and live upgrade. (Thanks for the article though, I've got it nicely tucked away in case this ever happens to me).

Your method seems sound, but I'm wondering if removing the boot-archive with rm is necessary. Doing a bootadm update-archive with the appropriate -R alternate root argument should suffice. Completely removing the boot-archive makes me nervous.

Fred

On Mon, Mar 5, 2012 at 3:57 PM, Brookins, Neil (Philadelphia) <neil.brookins <at> towerswatson.com> wrote:

I recently patched several servers following the general steps shown here:

 

After experiencing a problem on one out of six servers, I found this page:

which states that manual update of boot archive is needed. (See issue #2 in the blog)

 

So, modifying the steps shown in the first web page above, with the new revelations from the second page,

I derive these possible steps:

 

# pca -i -R /.alt.patching

 

# rm -f /.alt.patching/platform/`uname -m`/boot_archive

# /.alt.patching/usr/sbin/bootadm -R /.alt.patching  update-archive

 

# luumount patching

 

Can anyone confirm that I’m on the right track here? I’m using ZFS root and non-global zones. I need to use LU to reduce end-user downtime.

 

BTW, the problem that I experienced after rebooting to the patched server, was that it printed many errors, and then it did panic and rebooted.

It seems to stay up now, but I don’t trust it as much since the panic. I’m guessing that the file /kernel/drv/ipsecah.conf was not valid due to the boot archive not getting updated as a part of the patching process.

 

The error shown below repeated, each time with a different character inside the ‘’ marks.

 

… genunix: [ID 107833 kern.warning] WARNING: Unexpected token '^H' on line 1 of /kernel/drv/ipsecah.conf

… genunix: [ID 107833 kern.warning] WARNING: Unexpected token '' on line 2 of /kernel/drv/ipsecah.conf

… last message repeated 1724 times

… savecore: [ID 570001 auth.error] reboot after panic: BAD TRAP: type=31 rp=2a10146eba0 addr=58 mmu_fsr=0 occurr

ed in module "ip" due to a NULL pointer dereference

 

Neil G. Brookins
Identity and Authentication Solutions - IT Global Solutions

Towers Watson

1500 Market Street | Philadelphia, PA 19102

 

 

 

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc.




--
Fred Chagnon
fchagnon <at> gmail.com

Notice of Confidentiality

This transmission contains information that may be confidential. It has been prepared for the sole and exclusive use of the intended recipient and on the basis agreed with that person. If you are not the intended recipient of the message (or authorized to receive it for the intended recipient), you should notify us immediately; you should delete it from your system and may not disclose its contents to anyone else.

This e-mail has come to you from Towers Watson Delaware Inc.

Permalink | Reply |

Gmane